<HTML>
<BODY BGCOLOR="white">
<PRE>
<FONT color="green">001</FONT>    package com.gwt.ss;<a name="line.1"></a>
<FONT color="green">002</FONT>    <a name="line.2"></a>
<FONT color="green">003</FONT>    import java.lang.reflect.Field;<a name="line.3"></a>
<FONT color="green">004</FONT>    <a name="line.4"></a>
<FONT color="green">005</FONT>    import javax.servlet.FilterChain;<a name="line.5"></a>
<FONT color="green">006</FONT>    import javax.servlet.ServletContext;<a name="line.6"></a>
<FONT color="green">007</FONT>    <a name="line.7"></a>
<FONT color="green">008</FONT>    import org.aspectj.lang.JoinPoint;<a name="line.8"></a>
<FONT color="green">009</FONT>    import org.aspectj.lang.ProceedingJoinPoint;<a name="line.9"></a>
<FONT color="green">010</FONT>    import org.aspectj.lang.annotation.Around;<a name="line.10"></a>
<FONT color="green">011</FONT>    import org.aspectj.lang.annotation.Aspect;<a name="line.11"></a>
<FONT color="green">012</FONT>    import org.slf4j.Logger;<a name="line.12"></a>
<FONT color="green">013</FONT>    import org.slf4j.LoggerFactory;<a name="line.13"></a>
<FONT color="green">014</FONT>    import org.springframework.security.core.Authentication;<a name="line.14"></a>
<FONT color="green">015</FONT>    import org.springframework.security.core.context.SecurityContextHolder;<a name="line.15"></a>
<FONT color="green">016</FONT>    import org.springframework.security.core.session.SessionInformation;<a name="line.16"></a>
<FONT color="green">017</FONT>    import org.springframework.security.core.session.SessionRegistry;<a name="line.17"></a>
<FONT color="green">018</FONT>    import org.springframework.security.web.authentication.logout.LogoutHandler;<a name="line.18"></a>
<FONT color="green">019</FONT>    import org.springframework.security.web.authentication.session.SessionAuthenticationException;<a name="line.19"></a>
<FONT color="green">020</FONT>    import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;<a name="line.20"></a>
<FONT color="green">021</FONT>    import org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy;<a name="line.21"></a>
<FONT color="green">022</FONT>    import org.springframework.security.web.context.SecurityContextRepository;<a name="line.22"></a>
<FONT color="green">023</FONT>    import org.springframework.security.web.session.ConcurrentSessionFilter;<a name="line.23"></a>
<FONT color="green">024</FONT>    import org.springframework.security.web.session.SessionManagementFilter;<a name="line.24"></a>
<FONT color="green">025</FONT>    import org.springframework.web.context.ServletContextAware;<a name="line.25"></a>
<FONT color="green">026</FONT>    <a name="line.26"></a>
<FONT color="green">027</FONT>    /**<a name="line.27"></a>
<FONT color="green">028</FONT>     * If you apply &lt;a href="http://static.springsource.org/spring-security/site/docs/3.1.x/reference/ns-config.html#ns-session-mgmt"&gt;<a name="line.28"></a>
<FONT color="green">029</FONT>     * Session Management&lt;/a&gt; in your secured gwt application,you need to make sure<a name="line.29"></a>
<FONT color="green">030</FONT>     * &lt;ul&gt;<a name="line.30"></a>
<FONT color="green">031</FONT>     *   &lt;li&gt;property &amp;quot;proxy-target-class&amp;quot; of &amp;lt;aop:aspectj-autoproxy&amp;gt; set as &amp;quot;false&amp;quot; owing to <a name="line.31"></a>
<FONT color="green">032</FONT>     *   Spring's &lt;a href="http://static.springsource.org/spring/docs/3.1.0.M1/spring-framework-reference/html/aop.html#aop-proxying"&gt;proxy<a name="line.32"></a>
<FONT color="green">033</FONT>     *   mechanism&lt;/a&gt; only allow null constructor,unfortunately {@link org.springframework.security.web.session.SessionManagementFilter SessionManagementFilter}<a name="line.33"></a>
<FONT color="green">034</FONT>     *   didn't. <a name="line.34"></a>
<FONT color="green">035</FONT>     *   &lt;/li&gt; <a name="line.35"></a>
<FONT color="green">036</FONT>     *   &lt;li&gt;Instantiate this bean&lt;/li&gt;<a name="line.36"></a>
<FONT color="green">037</FONT>     * &lt;/ul&gt;&lt;/br&gt;<a name="line.37"></a>
<FONT color="green">038</FONT>     * 如果您的GWT程式設定了&lt;a href="http://static.springsource.org/spring-security/site/docs/3.1.x/reference/ns-config.html#ns-session-mgmt"&gt;<a name="line.38"></a>
<FONT color="green">039</FONT>     * Session Management&lt;/a&gt;，您必須<a name="line.39"></a>
<FONT color="green">040</FONT>     * &lt;ul&gt;<a name="line.40"></a>
<FONT color="green">041</FONT>     *   &lt;li&gt;將&amp;lt;aop:aspectj-autoproxy&amp;gt;的屬性&amp;quot;proxy-target-class&amp;quot;設為&amp;quot;false&amp;quot;，這是由於<a name="line.41"></a>
<FONT color="green">042</FONT>     *   Sprig AOP的&lt;a href="http://static.springsource.org/spring/docs/3.1.0.M1/spring-framework-reference/html/aop.html#aop-proxying"&gt;proxy<a name="line.42"></a>
<FONT color="green">043</FONT>     *   機制&lt;/a&gt;不接受有參數的建構子，而{@link org.springframework.security.web.session.SessionManagementFilter SessionManagementFilter}<a name="line.43"></a>
<FONT color="green">044</FONT>     *   的建構子卻含有參數        <a name="line.44"></a>
<FONT color="green">045</FONT>     *   &lt;/li&gt;  <a name="line.45"></a>
<FONT color="green">046</FONT>     *   &lt;li&gt;建立本類別實例&lt;/li&gt; <a name="line.46"></a>
<FONT color="green">047</FONT>     * &lt;/ul&gt;       <a name="line.47"></a>
<FONT color="green">048</FONT>     */<a name="line.48"></a>
<FONT color="green">049</FONT>    @Aspect<a name="line.49"></a>
<FONT color="green">050</FONT>    public class GwtSessionManagement implements ServletContextAware {<a name="line.50"></a>
<FONT color="green">051</FONT>    <a name="line.51"></a>
<FONT color="green">052</FONT>        protected static Logger logger = LoggerFactory.getLogger(GwtSessionManagement.class);<a name="line.52"></a>
<FONT color="green">053</FONT>        private ServletContext servletContext;<a name="line.53"></a>
<FONT color="green">054</FONT>        static final String FILTER_APPLIED = "__spring_security_session_mgmt_filter_applied";<a name="line.54"></a>
<FONT color="green">055</FONT>        private SessionManagementFilter smTarget = null;<a name="line.55"></a>
<FONT color="green">056</FONT>        private ConcurrentSessionFilter csTarget = null;<a name="line.56"></a>
<FONT color="green">057</FONT>        private SessionRegistry sessionRegistry;<a name="line.57"></a>
<FONT color="green">058</FONT>        private LogoutHandler[] logoutHandlers = null;<a name="line.58"></a>
<FONT color="green">059</FONT>        private SecurityContextRepository securityContextRepository = null;<a name="line.59"></a>
<FONT color="green">060</FONT>        private SessionAuthenticationStrategy sessionStrategy = new SessionFixationProtectionStrategy();<a name="line.60"></a>
<FONT color="green">061</FONT>        private String invalidSessionUrl = null;<a name="line.61"></a>
<FONT color="green">062</FONT>        private Object invalidSessionStrategy = null;<a name="line.62"></a>
<FONT color="green">063</FONT>    <a name="line.63"></a>
<FONT color="green">064</FONT>        @Override<a name="line.64"></a>
<FONT color="green">065</FONT>        public void setServletContext(ServletContext servletContext) {<a name="line.65"></a>
<FONT color="green">066</FONT>            this.servletContext = servletContext;<a name="line.66"></a>
<FONT color="green">067</FONT>        }<a name="line.67"></a>
<FONT color="green">068</FONT>    <a name="line.68"></a>
<FONT color="green">069</FONT>        private ConcurrentSessionFilter getCSTarget(ProceedingJoinPoint pjp) {<a name="line.69"></a>
<FONT color="green">070</FONT>            if (csTarget == null) {<a name="line.70"></a>
<FONT color="green">071</FONT>                csTarget = (ConcurrentSessionFilter) pjp.getTarget();<a name="line.71"></a>
<FONT color="green">072</FONT>            }<a name="line.72"></a>
<FONT color="green">073</FONT>            return csTarget;<a name="line.73"></a>
<FONT color="green">074</FONT>        }<a name="line.74"></a>
<FONT color="green">075</FONT>    <a name="line.75"></a>
<FONT color="green">076</FONT>        private SessionRegistry getSessionRegistry(ConcurrentSessionFilter target) throws<a name="line.76"></a>
<FONT color="green">077</FONT>                NoSuchFieldException, IllegalArgumentException, IllegalAccessException {<a name="line.77"></a>
<FONT color="green">078</FONT>            if (sessionRegistry == null) {<a name="line.78"></a>
<FONT color="green">079</FONT>                Field f = ConcurrentSessionFilter.class.getDeclaredField("sessionRegistry");<a name="line.79"></a>
<FONT color="green">080</FONT>                f.setAccessible(true);<a name="line.80"></a>
<FONT color="green">081</FONT>                sessionRegistry = (SessionRegistry) f.get(target);<a name="line.81"></a>
<FONT color="green">082</FONT>            }<a name="line.82"></a>
<FONT color="green">083</FONT>            return sessionRegistry;<a name="line.83"></a>
<FONT color="green">084</FONT>        }<a name="line.84"></a>
<FONT color="green">085</FONT>    <a name="line.85"></a>
<FONT color="green">086</FONT>        private LogoutHandler[] getLogoutHandlers(ConcurrentSessionFilter target) throws<a name="line.86"></a>
<FONT color="green">087</FONT>                NoSuchFieldException, IllegalArgumentException, IllegalAccessException {<a name="line.87"></a>
<FONT color="green">088</FONT>            if (logoutHandlers == null) {<a name="line.88"></a>
<FONT color="green">089</FONT>                Field f = ConcurrentSessionFilter.class.getDeclaredField("handlers");<a name="line.89"></a>
<FONT color="green">090</FONT>                f.setAccessible(true);<a name="line.90"></a>
<FONT color="green">091</FONT>                logoutHandlers = (LogoutHandler[]) f.get(target);<a name="line.91"></a>
<FONT color="green">092</FONT>            }<a name="line.92"></a>
<FONT color="green">093</FONT>            return logoutHandlers;<a name="line.93"></a>
<FONT color="green">094</FONT>        }<a name="line.94"></a>
<FONT color="green">095</FONT>    <a name="line.95"></a>
<FONT color="green">096</FONT>        private SessionManagementFilter getSMTarget(ProceedingJoinPoint pjp) {<a name="line.96"></a>
<FONT color="green">097</FONT>            if (smTarget == null) {<a name="line.97"></a>
<FONT color="green">098</FONT>                smTarget = (SessionManagementFilter) pjp.getTarget();<a name="line.98"></a>
<FONT color="green">099</FONT>            }<a name="line.99"></a>
<FONT color="green">100</FONT>            return smTarget;<a name="line.100"></a>
<FONT color="green">101</FONT>        }<a name="line.101"></a>
<FONT color="green">102</FONT>    <a name="line.102"></a>
<FONT color="green">103</FONT>        private SecurityContextRepository getSecurityContextRepository(SessionManagementFilter target) throws<a name="line.103"></a>
<FONT color="green">104</FONT>                NoSuchFieldException, IllegalArgumentException, IllegalAccessException {<a name="line.104"></a>
<FONT color="green">105</FONT>            if (securityContextRepository == null) {<a name="line.105"></a>
<FONT color="green">106</FONT>                Field f = SessionManagementFilter.class.getDeclaredField("securityContextRepository");<a name="line.106"></a>
<FONT color="green">107</FONT>                f.setAccessible(true);<a name="line.107"></a>
<FONT color="green">108</FONT>                securityContextRepository = (SecurityContextRepository) f.get(target);<a name="line.108"></a>
<FONT color="green">109</FONT>            }<a name="line.109"></a>
<FONT color="green">110</FONT>            return securityContextRepository;<a name="line.110"></a>
<FONT color="green">111</FONT>        }<a name="line.111"></a>
<FONT color="green">112</FONT>    <a name="line.112"></a>
<FONT color="green">113</FONT>        private Object getInvalidSessionStrategy(SessionManagementFilter target)<a name="line.113"></a>
<FONT color="green">114</FONT>                throws IllegalArgumentException, IllegalAccessException {<a name="line.114"></a>
<FONT color="green">115</FONT>            if (invalidSessionStrategy == null) {<a name="line.115"></a>
<FONT color="green">116</FONT>                try{<a name="line.116"></a>
<FONT color="green">117</FONT>                    Field f = SessionManagementFilter.class.getDeclaredField("invalidSessionStrategy");<a name="line.117"></a>
<FONT color="green">118</FONT>                    f.setAccessible(true);<a name="line.118"></a>
<FONT color="green">119</FONT>                    invalidSessionStrategy = f.get(target);<a name="line.119"></a>
<FONT color="green">120</FONT>                }<a name="line.120"></a>
<FONT color="green">121</FONT>                catch (NoSuchFieldException e){<a name="line.121"></a>
<FONT color="green">122</FONT>                    // Do nothing.  We are probably using Spring Security 3.0.5.RELEASE.<a name="line.122"></a>
<FONT color="green">123</FONT>                }<a name="line.123"></a>
<FONT color="green">124</FONT>            }<a name="line.124"></a>
<FONT color="green">125</FONT>            return invalidSessionStrategy;<a name="line.125"></a>
<FONT color="green">126</FONT>        }<a name="line.126"></a>
<FONT color="green">127</FONT>        <a name="line.127"></a>
<FONT color="green">128</FONT>        private String getInvalidSessionUrl(SessionManagementFilter target) throws <a name="line.128"></a>
<FONT color="green">129</FONT>            IllegalArgumentException, IllegalAccessException {<a name="line.129"></a>
<FONT color="green">130</FONT>            if (invalidSessionUrl == null) {<a name="line.130"></a>
<FONT color="green">131</FONT>                try {<a name="line.131"></a>
<FONT color="green">132</FONT>                    Field f = SessionManagementFilter.class.getDeclaredField("invalidSessionUrl");<a name="line.132"></a>
<FONT color="green">133</FONT>                    f.setAccessible(true);<a name="line.133"></a>
<FONT color="green">134</FONT>                    invalidSessionUrl = (String) f.get(target);<a name="line.134"></a>
<FONT color="green">135</FONT>                }<a name="line.135"></a>
<FONT color="green">136</FONT>                catch (NoSuchFieldException e){<a name="line.136"></a>
<FONT color="green">137</FONT>                    // Do nothing.  We are probably using Spring Security 3.1.0.RELEASE.<a name="line.137"></a>
<FONT color="green">138</FONT>                }<a name="line.138"></a>
<FONT color="green">139</FONT>            }<a name="line.139"></a>
<FONT color="green">140</FONT>            return invalidSessionUrl == null ? null : invalidSessionUrl.isEmpty() ? null : invalidSessionUrl;<a name="line.140"></a>
<FONT color="green">141</FONT>        }<a name="line.141"></a>
<FONT color="green">142</FONT>    <a name="line.142"></a>
<FONT color="green">143</FONT>        private FilterChain getFilterChain(JoinPoint jp) {<a name="line.143"></a>
<FONT color="green">144</FONT>            if (jp == null) {<a name="line.144"></a>
<FONT color="green">145</FONT>                return null;<a name="line.145"></a>
<FONT color="green">146</FONT>            } else {<a name="line.146"></a>
<FONT color="green">147</FONT>                for (Object obj : jp.getArgs()) {<a name="line.147"></a>
<FONT color="green">148</FONT>                    if (obj != null &amp;&amp; obj instanceof FilterChain) {<a name="line.148"></a>
<FONT color="green">149</FONT>                        return (FilterChain) obj;<a name="line.149"></a>
<FONT color="green">150</FONT>                    }<a name="line.150"></a>
<FONT color="green">151</FONT>                }<a name="line.151"></a>
<FONT color="green">152</FONT>                return null;<a name="line.152"></a>
<FONT color="green">153</FONT>            }<a name="line.153"></a>
<FONT color="green">154</FONT>        }<a name="line.154"></a>
<FONT color="green">155</FONT>    <a name="line.155"></a>
<FONT color="green">156</FONT>        @Around("execution(* org.springframework.security.web.session.SessionManagementFilter.doFilter(..))")<a name="line.156"></a>
<FONT color="green">157</FONT>        public Object doSMFilter(ProceedingJoinPoint pjp) throws Throwable {<a name="line.157"></a>
<FONT color="green">158</FONT>            HttpHolder holder = HttpHolder.getInstance(pjp);<a name="line.158"></a>
<FONT color="green">159</FONT>            if (holder.isGwt()) {<a name="line.159"></a>
<FONT color="green">160</FONT>                if (logger.isDebugEnabled()) {<a name="line.160"></a>
<FONT color="green">161</FONT>                    logger.debug("GwtSessionManagementFilter instead of  SessionManagementFilter");<a name="line.161"></a>
<FONT color="green">162</FONT>                }<a name="line.162"></a>
<FONT color="green">163</FONT>                if (holder.getRequest().getAttribute(FILTER_APPLIED) != null) {<a name="line.163"></a>
<FONT color="green">164</FONT>                    if (logger.isDebugEnabled()) {<a name="line.164"></a>
<FONT color="green">165</FONT>                        logger.debug("Request already filter applied.");<a name="line.165"></a>
<FONT color="green">166</FONT>                    }<a name="line.166"></a>
<FONT color="green">167</FONT>                    //do next filter<a name="line.167"></a>
<FONT color="green">168</FONT>                    getFilterChain(pjp).doFilter(holder.getRequest(), holder.getResponse());<a name="line.168"></a>
<FONT color="green">169</FONT>                    return null;<a name="line.169"></a>
<FONT color="green">170</FONT>                }<a name="line.170"></a>
<FONT color="green">171</FONT>    <a name="line.171"></a>
<FONT color="green">172</FONT>                holder.getRequest().setAttribute(FILTER_APPLIED, Boolean.TRUE);<a name="line.172"></a>
<FONT color="green">173</FONT>    <a name="line.173"></a>
<FONT color="green">174</FONT>                if (!getSecurityContextRepository(getSMTarget(pjp)).containsContext(holder.getRequest())) {<a name="line.174"></a>
<FONT color="green">175</FONT>                    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();<a name="line.175"></a>
<FONT color="green">176</FONT>                    if (authentication != null &amp;&amp; !GwtResponseUtil.isAnonymous(authentication)) {<a name="line.176"></a>
<FONT color="green">177</FONT>                        // The user has been authenticated during the current request, so call the session strategy<a name="line.177"></a>
<FONT color="green">178</FONT>                        try {<a name="line.178"></a>
<FONT color="green">179</FONT>                            sessionStrategy.onAuthentication(authentication, holder.getRequest(), holder.getResponse());<a name="line.179"></a>
<FONT color="green">180</FONT>                        } catch (SessionAuthenticationException e) {<a name="line.180"></a>
<FONT color="green">181</FONT>                            if (logger.isErrorEnabled()) {<a name="line.181"></a>
<FONT color="green">182</FONT>                                logger.error("SessionAuthenticationStrategy rejected the authentication object", e);<a name="line.182"></a>
<FONT color="green">183</FONT>                            }<a name="line.183"></a>
<FONT color="green">184</FONT>                            SecurityContextHolder.clearContext();<a name="line.184"></a>
<FONT color="green">185</FONT>                            GwtResponseUtil.processGwtException(servletContext, holder.getRequest(), holder.getResponse(), e);<a name="line.185"></a>
<FONT color="green">186</FONT>                            return null;<a name="line.186"></a>
<FONT color="green">187</FONT>                        }<a name="line.187"></a>
<FONT color="green">188</FONT>                        // Eagerly save the security context to make it available for any possible re-entrant<a name="line.188"></a>
<FONT color="green">189</FONT>                        // requests which may occur before the current request completes. SEC-1396.<a name="line.189"></a>
<FONT color="green">190</FONT>                        getSecurityContextRepository(getSMTarget(pjp)).saveContext(SecurityContextHolder.getContext(), holder.getRequest(), holder.getResponse());<a name="line.190"></a>
<FONT color="green">191</FONT>                    } else {<a name="line.191"></a>
<FONT color="green">192</FONT>                        // No security context or authentication present. Check for a session timeout<a name="line.192"></a>
<FONT color="green">193</FONT>                        if (holder.getRequest().getRequestedSessionId() != null &amp;&amp; !holder.getRequest().isRequestedSessionIdValid()) {<a name="line.193"></a>
<FONT color="green">194</FONT>                            if (logger.isDebugEnabled()) {<a name="line.194"></a>
<FONT color="green">195</FONT>                                logger.debug("Requested session ID" + holder.getRequest().getRequestedSessionId() + " is invalid.");<a name="line.195"></a>
<FONT color="green">196</FONT>                            }<a name="line.196"></a>
<FONT color="green">197</FONT>                            if (getInvalidSessionUrl(getSMTarget(pjp)) != null || getInvalidSessionStrategy(getSMTarget(pjp)) != null) {<a name="line.197"></a>
<FONT color="green">198</FONT>                                if (logger.isDebugEnabled()) {<a name="line.198"></a>
<FONT color="green">199</FONT>                                    logger.debug("Starting new session (if required) and notify front-end user");<a name="line.199"></a>
<FONT color="green">200</FONT>                                }<a name="line.200"></a>
<FONT color="green">201</FONT>                                holder.getRequest().getSession();<a name="line.201"></a>
<FONT color="green">202</FONT>                                GwtResponseUtil.processGwtException(servletContext, holder.getRequest(), holder.getResponse(),<a name="line.202"></a>
<FONT color="green">203</FONT>                                        new SessionAuthenticationException("Session had invalid."));<a name="line.203"></a>
<FONT color="green">204</FONT>                                return null;<a name="line.204"></a>
<FONT color="green">205</FONT>                            }<a name="line.205"></a>
<FONT color="green">206</FONT>                        }<a name="line.206"></a>
<FONT color="green">207</FONT>                    }<a name="line.207"></a>
<FONT color="green">208</FONT>                }<a name="line.208"></a>
<FONT color="green">209</FONT>    <a name="line.209"></a>
<FONT color="green">210</FONT>                getFilterChain(pjp).doFilter(holder.getRequest(), holder.getResponse());<a name="line.210"></a>
<FONT color="green">211</FONT>                return null;<a name="line.211"></a>
<FONT color="green">212</FONT>            } else {<a name="line.212"></a>
<FONT color="green">213</FONT>                //back to the original SessionManagementFilter<a name="line.213"></a>
<FONT color="green">214</FONT>                return pjp.proceed();<a name="line.214"></a>
<FONT color="green">215</FONT>            }<a name="line.215"></a>
<FONT color="green">216</FONT>        }<a name="line.216"></a>
<FONT color="green">217</FONT>    <a name="line.217"></a>
<FONT color="green">218</FONT>        @Around("execution(* org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(..))")<a name="line.218"></a>
<FONT color="green">219</FONT>        public Object doCSFilter(ProceedingJoinPoint pjp) throws Throwable {<a name="line.219"></a>
<FONT color="green">220</FONT>            HttpHolder holder = HttpHolder.getInstance(pjp);<a name="line.220"></a>
<FONT color="green">221</FONT>            SessionInformation info = holder.getRequest().getSession(false) != null &amp;&amp; GwtResponseUtil.isGwt(holder.getRequest())<a name="line.221"></a>
<FONT color="green">222</FONT>                    ? getSessionRegistry(getCSTarget(pjp)).getSessionInformation(holder.getRequest().getSession(false).getId()) : null;<a name="line.222"></a>
<FONT color="green">223</FONT>            if (info != null) {<a name="line.223"></a>
<FONT color="green">224</FONT>                if (info.isExpired()) {<a name="line.224"></a>
<FONT color="green">225</FONT>                    if (logger.isDebugEnabled()) {<a name="line.225"></a>
<FONT color="green">226</FONT>                        logger.debug("Concurrent Session ready logout");<a name="line.226"></a>
<FONT color="green">227</FONT>                    }<a name="line.227"></a>
<FONT color="green">228</FONT>                    Authentication auth = SecurityContextHolder.getContext().getAuthentication();<a name="line.228"></a>
<FONT color="green">229</FONT>                    for (LogoutHandler handler : getLogoutHandlers(getCSTarget(pjp))) {<a name="line.229"></a>
<FONT color="green">230</FONT>                        handler.logout(holder.getRequest(), holder.getResponse(), auth);<a name="line.230"></a>
<FONT color="green">231</FONT>                    }<a name="line.231"></a>
<FONT color="green">232</FONT>                    GwtResponseUtil.processGwtException(servletContext, holder.getRequest(), holder.getResponse(),<a name="line.232"></a>
<FONT color="green">233</FONT>                            new SessionAuthenticationException("This session has been expired (possibly due to multiple concurrent " +<a name="line.233"></a>
<FONT color="green">234</FONT>                                    "logins being attempted as the same user)."));<a name="line.234"></a>
<FONT color="green">235</FONT>                    return null;<a name="line.235"></a>
<FONT color="green">236</FONT>                } else {<a name="line.236"></a>
<FONT color="green">237</FONT>                    if (logger.isDebugEnabled()) {<a name="line.237"></a>
<FONT color="green">238</FONT>                        logger.debug("Concurrent info not expired");<a name="line.238"></a>
<FONT color="green">239</FONT>                    }<a name="line.239"></a>
<FONT color="green">240</FONT>                    // Non-expired - update last request date/time<a name="line.240"></a>
<FONT color="green">241</FONT>                    info.refreshLastRequest();<a name="line.241"></a>
<FONT color="green">242</FONT>                    getFilterChain(pjp).doFilter(holder.getRequest(), holder.getResponse());<a name="line.242"></a>
<FONT color="green">243</FONT>                    return null;<a name="line.243"></a>
<FONT color="green">244</FONT>                }<a name="line.244"></a>
<FONT color="green">245</FONT>            } else {<a name="line.245"></a>
<FONT color="green">246</FONT>                return pjp.proceed();<a name="line.246"></a>
<FONT color="green">247</FONT>            }<a name="line.247"></a>
<FONT color="green">248</FONT>        }<a name="line.248"></a>
<FONT color="green">249</FONT>    }<a name="line.249"></a>




























































</PRE>
</BODY>
</HTML>
